<%@ page import="edu.zhku.web4.util.JdbcUtil" %>
<%@ page import="edu.zhku.web4.pojo.User" %>
<%@ page import="edu.zhku.web4.common.Constants" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>删除用户ing</title>
</head>
<body>
<%
    String userId = request.getParameter("id");
    User user = (User) session.getAttribute(Constants.USER_SESSION_ID);
    if (user != null && user.getId().equals(Long.valueOf(userId))) {
        if (JdbcUtil.executeUpdate("DELETE FROM user WHERE id = ?", userId) > 0) {
            // 删除成功，退出登录
            response.sendRedirect(request.getContextPath() + "/logout.jsp");
        } else {
            request.setAttribute("updateMsg", "删除失败，请重试");
            request.getRequestDispatcher("index.jsp").forward(request, response);
        }
    } else {
        // 未登录或尝试删除他人
        request.setAttribute("updateMsg", "只能删除自己");
        request.getRequestDispatcher("index.jsp").forward(request, response);
    }
%>
</body>
</html>
